Wireless LAN Overview

When you connect your laptop to a WiFi network at home, in an office, or at a coffee shop, you're almost certainly using Infrastructure Mode—the dominant architecture for wireless LANs worldwide. In this mode, an Access Point (AP) acts as a central coordinator, bridging wireless clients to the wired network and managing all communication.

Infrastructure Mode is so ubiquitous that many users don't realize alternative architectures exist. But its prevalence isn't accidental—this architecture solves critical problems: it provides reliable connectivity, enables roaming between coverage areas, enforces security policies, and bridges the gap between wireless and wired networks. Understanding Infrastructure Mode means understanding how virtually every WiFi network operates.

The fundamental building block of Infrastructure Mode is the Basic Service Set (BSS). A BSS consists of a single access point and its associated wireless clients (called stations or STAs in 802.11 terminology).

BSS Identification:

Every BSS is uniquely identified by a BSSID—typically the MAC address of the access point's wireless interface. When a client associates with an AP, it's joining that AP's BSS.

The SSID (Service Set Identifier):

The SSID is the human-readable network name—"CoffeeShop_WiFi" or "CorpNet-5G." Important distinctions:

• SSID is not unique — Multiple APs can advertise the same SSID (and usually do in enterprise deployments)
• BSSID is unique — Each AP interface has its own BSSID
• Clients connect to a BSSID (specific AP) even though they select by SSID (network name)

Coverage Area:

The BSS coverage area, sometimes called a cell, is determined by:

• AP transmit power
• Client transmit capabilities
• Environmental factors (walls, interference)
• Receive sensitivity of both AP and clients

Unlike the clean circles in textbook diagrams, real coverage areas are irregular, affected by building construction, furniture, and the RF environment.

A single access point can only cover a limited area. To provide wireless connectivity across a large building or campus, multiple APs are deployed with overlapping coverage. When these APs share the same SSID and are connected to a common distribution system, they form an Extended Service Set (ESS).

ESS Architecture:

• Multiple APs (each with unique BSSID) share a common SSID
• APs connect to a Distribution System (DS)—typically the wired Ethernet network
• Clients can roam (move) between APs while maintaining network connectivity
• From the client's perspective, the ESS appears as a single logical network

The Distribution System:

The DS connects access points and bridges traffic between them. In most deployments:

• The DS is simply the Ethernet switch infrastructure
• All APs connect to the same VLAN or routed network
• Traffic between clients on different APs flows through the DS

Roaming in the ESS:

As a user walks through a building, their device monitors signal quality. When the current AP's signal degrades sufficiently, the device:

1. Scans for alternative APs advertising the same SSID
2. Selects a candidate AP with better signal
3. Authenticates and associates with the new AP
4. Disassociates from the old AP (may be implicit)

The goal is a seamless handoff where applications don't notice the transition.

The access point is the heart of Infrastructure Mode, performing numerous critical functions beyond simply relaying frames. Understanding these responsibilities illuminates why WiFi networks behave as they do.

Core AP Responsibilities:

The Beacon Frame:

Beacons are the heartbeat of Infrastructure Mode. Transmitted at the Target Beacon Transmission Time (TBTT), typically every 102.4ms, beacons contain:

• SSID — Network name (may be hidden/null)
• Supported Rates — Data rates the AP supports
• Capability Information — Security, quality settings
• Channel Information — Current operating channel
• Traffic Indication Map (TIM) — Indicates buffered frames for sleeping clients
• Country Information — Regulatory domain
• Vendor-Specific Elements — Proprietary extensions

Beacon Overhead:

Beacons consume airtime. With multiple BSSIDs per radio and multiple APs in range, beacon traffic becomes significant:

• 10 SSIDs × every 102.4ms = ~97 beacons/second per AP
• In dense deployments with 20+ APs in range, beacon overhead can consume 10-20% of available airtime

This is why enterprise controllers often reduce virtual SSID counts and may extend beacon intervals.

Before a client can exchange data through an access point, it must complete a multi-step association process. This sequence establishes the client's identity, negotiates capabilities, and (for secured networks) establishes encryption keys.

The Complete Connection Sequence:

Scanning Methods:

Passive Scanning:

• Client listens on each channel for beacons
• Pro: Low power consumption, doesn't disturb network
• Con: Must wait up to one beacon interval per channel (~100ms × 13 channels = 1.3 seconds for 2.4 GHz)

Active Scanning:

• Client transmits Probe Request on each channel
• APs respond with Probe Response (essentially a unicast beacon)
• Pro: Much faster discovery (<100ms total)
• Con: Higher power consumption, adds network traffic
• Clients often use a hybrid approach: active scan initially, passive for background updates

WPA2-Enterprise Connection:

For enterprise networks using 802.1X authentication, the process extends significantly:

1. Initial association as above (Open System authentication)
2. EAPOL-Start — Client initiates 802.1X
3. EAP Identity Request/Response — AP (as authenticator) requests identity
4. EAP Method Exchange — Full EAP authentication (e.g., PEAP, EAP-TLS) with RADIUS server
5. EAP Success — RADIUS approves; AP receives keying material
6. 4-Way Handshake — Derive per-client encryption keys
7. Connectivity — Client is now authorized and encrypted

This extended process can take 500ms to several seconds, making fast roaming protocols essential for VoIP and real-time applications.

In Infrastructure Mode, the access point mediates all traffic—even between wireless clients on the same AP. Understanding this traffic flow is crucial for network design and troubleshooting.

Traffic Types:

Uplink Traffic (Client to Network):

1. Client transmits frame to AP
2. AP converts to wired frame format (802.3)
3. AP forwards to distribution system
4. Frame routed to destination

Downlink Traffic (Network to Client):

1. Frame arrives from distribution system
2. AP converts to wireless frame format (802.11)
3. AP transmits to client
4. Client acknowledges reception

Intra-BSS Traffic (Client to Client on Same AP):

1. Client A transmits to AP (addressed to Client B)
2. AP receives and acknowledges
3. AP transmits to Client B
4. Client B acknowledges

Why does client-to-client traffic go through the AP?

• Clients typically can't hear each other (hidden node problem)
• Maintains security enforcement point
• Enables traffic inspection and policy application
• Required by 802.11 standard for Infrastructure Mode

802.11 Frame Addressing:

Unlike Ethernet's simple source/destination addressing, 802.11 frames have four address fields to handle various traffic scenarios:

Address Field Usage in Infrastructure Mode:

Understanding the Address Fields:

• Address 1 is always the immediate receiver (who should process this frame at Layer 2)
• Address 2 is always the immediate transmitter
• Address 3 carries the "other" address needed for bridging
• Address 4 is only used in WDS (Wireless Distribution System) where both ends are APs

Example: Client A sends to Client B via AP:

1. Client A → AP:

   • ToDS=1, FromDS=0
   • Addr1=AP (receiver)
   • Addr2=Client A (sender)
   • Addr3=Client B (ultimate destination)

2. AP → Client B:

   • ToDS=0, FromDS=1
   • Addr1=Client B (receiver)
   • Addr2=AP (sender)
   • Addr3=Client A (original source)

The AP uses Addr3 to know where to send (step 1) and to preserve source information (step 2).

Mobile devices—phones, tablets, laptops—run on battery power. A WiFi radio constantly listening for transmissions would drain batteries rapidly. Infrastructure Mode provides sophisticated power save mechanisms that allow clients to sleep most of the time while still receiving data reliably.

Legacy Power Save (PS-Poll):

The original power save mechanism works as follows:

1. Client informs AP it's entering power save mode (PS flag in frame control)
2. AP buffers any frames destined for sleeping client
3. AP includes sleeping client's AID in the Traffic Indication Map (TIM) in beacons
4. Client wakes periodically to receive beacons (every 102.4ms typical)
5. If TIM indicates buffered traffic, client sends PS-Poll frame
6. AP sends one buffered frame
7. Repeat PS-Poll for each buffered frame
8. Client returns to sleep

Limitations of PS-Poll:

• Must wake for every beacon (significant power drain)
• One PS-Poll per buffered frame (high overhead for bursty traffic)
• Latency of 100-200ms for arriving traffic

Unscheduled Automatic Power Save Delivery (U-APSD):

802.11e introduced U-APSD (also marketed as WMM Power Save), a more efficient approach:

1. Client sends any uplink frame as a trigger
2. AP delivers all buffered frames in a burst (Service Period)
3. AP indicates end of delivery with EOSP (End of Service Period) bit
4. Client immediately returns to sleep

This is particularly effective for VoIP: the client's periodic voice packets automatically trigger delivery of incoming voice, maintaining call quality while sleeping between packets.

Target Wake Time (TWT) — WiFi 6:

802.11ax introduced TWT, a game-changer for IoT and battery life:

1. Client negotiates scheduled wake times with AP
2. "Wake at 500ms past each minute for 5ms"
3. Client sleeps deeply between scheduled times
4. AP buffers frames and delivers at agreed times

TWT Benefits:

• IoT devices can sleep for minutes or hours
• Reduces contention (devices wake at staggered times)
• Enables years of battery life for sensors
• AP can coordinate TWT schedules to reduce collisions

Individual access points are fine for home networks, but enterprise deployments require coordinated management of dozens, hundreds, or thousands of APs. Several architectural models have evolved to address this challenge.

Autonomous (Fat) APs:

• Each AP operates independently
• Contains full OS, management interface, intelligence
• Configuration per-device or via simple management system
• No central controller required

Pros: Simple for small deployments, no single point of failure Cons: Difficult to maintain consistency, limited roaming optimization

Controller-Based (Thin APs):

A central Wireless LAN Controller (WLC) manages all access points:

• APs are "thin/lightweight"—minimal local intelligence
• Controller handles configuration, policy, and often traffic forwarding
• Two architectural variants:
  • CAPWAP tunneling: All traffic tunnels to controller, then to network
  • Local switching: Only control traffic goes to controller; data switched locally

Pros: Centralized management, consistent policy, advanced roaming Cons: Controller is single point of failure (often deployed in pairs), can create traffic bottleneck

Cloud-Managed APs:

Modern cloud-managed architectures combine benefits of both approaches:

• APs are locally intelligent (can operate if cloud unreachable)
• Management plane in cloud (configuration, monitoring, updates)
• Data plane stays local (no traffic to cloud)
• Zero-touch provisioning: AP connects to cloud, downloads configuration

Examples: Cisco Meraki, Aruba Central, Ubiquiti UniFi Cloud

Split-MAC vs. Unified MAC:

In controller architectures, the 802.11 MAC layer can be split:

Split-MAC (CAPWAP):

• Time-critical functions (ACKs, beacons) handled by AP
• Higher-level functions (security, management) handled by controller
• CAPWAP tunnels frames between AP and controller

Local MAC (FlexConnect/Autonomous):

• Full MAC at AP
• Controller provides configuration and coordination
• Data switched locally, never touches controller

Most modern deployments use local switching with centralized control—providing management simplicity without controller bottlenecks.

We've comprehensively explored Infrastructure Mode—the architecture underlying virtually every WiFi network you'll encounter. From basic concepts to enterprise deployments, these fundamentals apply regardless of scale.

What's Next:

Infrastructure Mode requires APs, but what if no infrastructure exists? The next page explores Ad-Hoc Mode—peer-to-peer wireless networking where stations communicate directly without an access point, enabling communication in scenarios where infrastructure isn't available or appropriate.